<?php
    session_start();
    include 'connect.php';
    $nickname = mysql_real_escape_string(htmlspecialchars($_POST['nickname'])); 
    $password = md5(mysql_real_escape_string(htmlspecialchars($_POST['password']))); 
    $recuperadati = mysql_query("SELECT * FROM utenti WHERE nickname = '$nickname' AND password = '$password'"); 
    $verifica = mysql_num_rows($recuperadati);

    if($verifica==1) {
    	$sessione=mysql_fetch_array($recuperadati);
    	$_SESSION['utente'] = $sessione['nickname'];
       	echo '<script language=javascript>document.location.href="./../index.php"</script>';
    }
    else {
    		echo '<script language=javascript>document.location.href="./../login_error.php"</script>';
    } 
?>